Filtered by vendor Compal
                         Subscriptions
                    
                    
                
                        Filtered by product Ch7465lg Firmware
                         Subscriptions
                    
                    
                
                    Total
                    3 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v3.1 | 
|---|---|---|---|---|
| CVE-2019-17499 | 1 Compal | 2 Ch7465lg, Ch7465lg Firmware | 2024-11-21 | 8.8 High | 
| The setter.xml component of the Common Gateway Interface on Compal CH7465LG 6.12.18.25-2p4 devices does not properly validate ping command arguments, which allows remote authenticated users to execute OS commands as root via shell metacharacters in the Target_IP parameter. | ||||
| CVE-2019-17224 | 1 Compal | 2 Ch7465lg, Ch7465lg Firmware | 2024-11-21 | 5.3 Medium | 
| The web interface of the Compal Broadband CH7465LG modem (version CH7465LG-NCIP-6.12.18.25-2p6-NOSH) is vulnerable to a /%2f/ path traversal attack, which can be exploited in order to test for the existence of a file pathname outside of the web root directory. If a file exists but is not part of the product, there is a 404 error. If a file does not exist, there is a 302 redirect to index.html. | ||||
| CVE-2019-13025 | 1 Compal | 2 Ch7465lg, Ch7465lg Firmware | 2024-11-21 | 9.8 Critical | 
| Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem. | ||||
                            
                                
                                
                                    Page 1 of 1.